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2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 
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4) I3' Claim(s) 7*23 and 25 is/are pending in the application. 
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5) D Claim(s) is/are allowed. 

6) S Claim(s) 1-23 and 25 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 
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10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
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DETAILED ACTION 

1 . This action is in regards to Amendment "B" received on 30 March 2005. 

2. Claims 1-23 and 25 remain pending. 

3. The specification has not been checked to the extent necessary to determine the 
presence of all possible minor errors. Applicant's cooperation is requested in correcting 
any errors of which applicant may become aware of. 

Claim Rejections - 35 USC §112 

4. Applicant's arguments, see REMARKS, paragraph 1 , filed 30 March 2005, with 
respect to 25 have been fully considered and are persuasive. The 1 12 1 st rejection of 
claim 25 has been withdrawn. 

Claim Rejections - 35 USC § 102 

5. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

6. Claims 1, 3-8, 10-15, and 17-23 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Fudge (U.S. 6,205,552). 

7. Regarding claims 1, 8, 15, 22, and 23, Fudge teaches a risk assessment scan, 
comprising: 

a) selecting a plurality of risk-assessment modules each including 

vulnerability checks associated with a risk-assessment scan, and requiring 
communication via at least one predetermined port (see Fig. 1 , part 160, 
col. 2, lines 58-63, and col. 3, lines 48-55); 
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b) determining a first set of ports required for communicating with network 
components subject to the risk-assessment modules associated with the 
risk-assessment scan (col. 3, lines 39-44 and col. 3, lines 64 - col. 4, line 
41); 

c) executing a port scan of only the first set of ports associated with the 
selected risk-assessment modules, for reducing the number of ports 
scanned during the port scan, wherein latency is reduced since a port 
scan involving 65,536 ports is avoided (col. 2, lines 22-27 and 34-36 and 
col. 2, lines 31-40). 

d) determining a second set of ports based in the port scan, the second set 
of ports being unavailable for communicating with the network 
components subject to the risk-assessment modules associated with the 
risk-assessment scan (col. 3, lines 35-39); and 

e) disabling the risk-assessment modules associated with the second set of 
ports to minimize the duration of the risk-assessment scan (col. 3, lines 
35-39 and 51-55). 

8. Regarding claims 3, 10, and 17, Fudge discloses the method wherein a plurality 
of the risk-assessment modules are user-specified (col. 3, lines 30-33). 

9. Regarding claims 4, 1 1 , and 1 8, Fudge discloses the method further comprising 
storing a third set of ports including the first set of ports and excluding the second set of 
ports (col. 3, lines 34-39). 
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10. Regarding claims 5 f 12, and 19, Fudge discloses the method further comprising 
comparing the port associated with each risk-assessment module with the stored third 
set of ports (col. 3, lines 39-44). 

1 1 . Regarding claims 6, 13, and 20, Fudge discloses the method further comprising 
performing the vulnerability checks of the risk-assessment module if the port associated 
with the risk-assessment module matches at least one port of the stored third set of 
ports (col. 3, lines 48-55). 

12. Regarding claims 7, 14, and 21, Fudge discloses the method wherein the risk- 
assessment module is disabled if the port associated with the risk-assessment module 
does not match at least one port of the stored third set of ports (col. 4, lines 25-31). 

Claim Rejections - 35 USC § 103 

13. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

14. This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
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consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

15. Claims 2, 9, and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Fudge in view of Choi (U.S. 5,734,824), hereinafter referred to as Choi. 

16. Regarding claims 2, 9, and 16, Fudge discloses the method of associating risk- 
assessment modules with ports (col. 2, lines 58-63), but is silent on the elimination of 
port redundancy. However in related prior art, Choi discloses a method for eliminating 
redundant communication ports (Choi, col. 8, lines 59-65). One of ordinary skill in the 
art at the time of the applicant's invention would have found it obvious to utilize the port 
redundancy elimination method as disclosed by Choi in combination with the risk- 
assessment method disclosed by Fudge. One would have been motivated to make 
such a combination in order to significantly reduce the time and cost involved in 
scanning for vulnerable devices in a network (see Fudge, col. 2, lines 20-23). 

17. Claim 25 is rejected under 35 U.S.C. 103(a) as being unpatentable over Fudge in 
view of what is well-known in the art as disclosed by Graham-Cumming, Jr. (U.S. 
6,182,146), hereinafter referred to as Graham. 

18. Regarding claim 25, Fudge discloses the method of associating risk-assessment 
modules with ports (col. 2, lines 58-63 and col. 3, lines 48-55) but does not explicitly 
disclose a web server vulnerability module associating with a predetermined port of 80, 
an e-mail vulnerability module with a predetermined port of 31337, and a Trojan 
program module with a predetermined port of 25. However, in conventional networking 
systems and what is regarded as well known in the computer networking arts as 
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disclosed by Graham, application and port mappings are well defined and it is well 
known to associate certain applications with specific ports both statically and 
dynamically in order to ensure the proper network communication between network 
nodes. For this reason, it would have been obvious to one of ordinary skill in the art at 
the time of the applicant's invention to modify Fudge to associate vulnerability modules 
with specific network ports which are already defined and standardized as explained 
above and in reference to Graham (see col. 1 , lines 14-40). 

Response to Arguments 

19. Applicant's arguments filed 30 March 2005 have been fully considered but they 
are not persuasive. 

20. (A) Applicant argues: "...the "scanning" in the above Fudge excerpts relates to 
scanning for vulnerabilities, not a port scan , as claimed by applicant..." 

21 . As to point (A), the applicant's argument is not persuasive. Fudge discloses in 
column 2, lines 34-37 and lines 58-63 the scanning for vulnerabilities by conducting the 
scan on ports and by scanning only ports that deemed necessary to be scanned. This 
is the same as claimed by applicant, "...port scan of only the first set of ports associated 
with the selected risk-assessment modules, for reducing the number of ports scanned 
during the port scan, wherein latency is reduced." Fudge also discloses in column 4, 
lines 21-24 services that are used at specific ports to conduct port scans. This is 
another way of conducting a port scan. 

22. (B) Applicant argues: "Fudge teaches away from applicant's claimed limited port 
scan that limited to only the first set of ports associated with the selected risk- 
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assessment modules, for reducing the number of ports scanned during the port scan, 
wherein latency is reduced since a port scan involving 65,536 ports is avoided ." 

23. As to point (B), the applicant's argument is not persuasive. In reference to point 
(A) Fudge discloses the scanning of only ports that are deemed necessary to be 
scanned. The ability to reduce the number of ports being scanned is also disclosed as 
explained above and it should be noted that to reduce the number of ports, in this case 
the maximum number of 65,536, is merely an inherent feature which is an expected 
event which is expected by the reduction of the number or ports being scanned in both 
the applicant's claims and in the invention as disclosed by Fudge. 

24. (C) Applicant argues: "...[Fudge does not disclose a] third set of ports including 
the first set of ports ... and excluding the second set of ports, and/or any comparison of 
the port associated with each risk-assessment module with the stored third set of 
ports..." 

25. As to point (C) t the applicant's argument is not persuasive. Fudge discloses the 
elimination of certain ports as explained in point (A) and discloses in column 3, lines 34- 
39 the ability to categorize ports into three different groups to assist in determining 
which ports should be scanned and which ports should not be scanned in order to 
reduce the time it takes to scan ports. Also, in column 4, lines 21-24, Fudge discloses 
the use of only scanning ports which use particularly well known services, thus the 
amount of ports scanned is reduced because functions are performed on less than all 
available ports. 
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Conclusion 

26. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin Ailes, whose telephone number is (571 ) 272- 
3899. The examiner can normally be reached Monday-Friday (7:30-5). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Caldwell can be reached at (571) 272-3868. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 872-3906. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Communications via Internet e-mail regarding this application, other than those 
under 35 U.S.C. 132 or which otherwise require a signature, may be used by the 
applicant and should be addressed to [benjamin.ailes@uspto.gov]. 
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All Internet e-mail communications will be made of record in the application file. 
PTO employees do not engage in Internet communications where there exists a 
possibility that sensitive information could be identified or exchanged unless the record 
includes a properly signed express waiver of the confidentiality requirements of 35 
U.S.C. 122. This is more clearly set forth in the Interim Internet Usage Policy published 
in the Official Gazette of the Patent and Trademark on February 25, 1997 at 1 1 95 OG 
89. 

BAA Q^qj^QUu£^ 

ANDREW CALDWELL 
SUPERVISORY PATENT EXAMINER 



